House Rental And Property Listing Project versions up to 1.0 is affected by cross-site scripting (xss) (CVSS 2.4).
Unverified Password Change vulnerability in Progress MOVEit Transfer on Windows (REST API modules).This issue affects MOVEit Transfer: from 2023.1.0 before 2023.1.3, from 2023.0.0 before 2023.0.8, from 2022.1.0 before 2022.1.11, from 2022.0.0 before 2022.0.10. [CVSS 3.7 LOW]
Bigfix Insights For Vulnerability Remediation versions up to 4.2 is affected by missing authentication for critical function (CVSS 2.9).
Rankology SEO and Analytics Tool (WordPress plugin) is affected by improper authorization (CVSS 2.7).
Bigfix Insights For Vulnerability Remediation versions up to 4.2 is affected by information exposure (CVSS 2.2).
Server-side request forgery in InvoiceNinja up to version 5.12.38 allows remote attackers with high privileges to manipulate the company_logo parameter during migration imports, enabling them to make arbitrary outbound requests from the affected server. Public exploit code is available and the vendor has not provided a patch or response to this disclosure. The vulnerability affects PHP and Golang environments with a CVSS score of 4.7.
Bigfix Insights For Vulnerability Remediation versions up to 4.2 is affected by insufficient session expiration (CVSS 2.0).